HackerTrans
TopNewTrendsCommentsPastAskShowJobs

zsims

no profile record

comments

zsims
·2년 전·discuss
Tradeoff is all the edge cases of cookies, CSRF etc. It's not a simple "cookies are better"
zsims
·2년 전·discuss
> The U.S. government wants everyone to abandon C/C++ -- how will they do this if they depend on SQLite3?

ABI, the same way you don't need the Linux kernel to be rewritten to remove your app dependency on C/C++
zsims
·2년 전·discuss
We do, I want to know if it's going to rain on my birthday
zsims
·2년 전·discuss
> Whilst Crowdstrike are going to cop a potentially existential-threatening amount of blame, an application shouldn't be able to do this kind of damage to an operating system.

It doesn't operate in user space, they install a kernel driver.
zsims
·2년 전·discuss
Blame for Flash? Or celebrated for killing Flash?

Flash was a security nightmare
zsims
·2년 전·discuss
There are other paths to the attack he mentioned. Eg you find an API that accepts ciphertext or part of. Or a cloud backup/restore flow. Likely you need another vulnerability but it does happen.
zsims
·2년 전·discuss
The problem is, it's not their software. No control over Slack, Outlook etc
zsims
·2년 전·discuss
Useful because you can support existing passwords without requiring everyone to login or reset their password. Still has flaws though, like password shucking.
zsims
·2년 전·discuss
Western Australia could be the ongoing emu war - https://en.wikipedia.org/wiki/Emu_War
zsims
·4년 전·discuss
If the patch gap is small, yes. But are you patching V8? Node generally isn't.